If you think spam hawking Viagra, pirated Microsoft software and get-rich-quick schemes is sent by lowlifes and their evil spam-spewing computers, you're wrong.
Today, more than 80 percent of all spam worldwide comes from zombie PCs owned by businesses, universities and average computer owners, according to email security service provider MessageLabs.
Zombie PCs are computers that have been infected by malicious code, allowing spammers to use them to send email. The use of zombies by hackers isn't new. But, according to experts, this practice has become increasingly organised and profitable over the past year.
Another security company, Sophos, estimates that about 50 percent of spam currently originates from zombie PCs, a 25 percent increase over the past year. Although Sophos's estimates are lower than Message Labs numbers, the growth in the number of zombie attacks is undeniable – and alarming.
What's causing the increase? New anti-spam laws and better spam filters have made it harder to send junk email, so spammers are looking for more creative ways to send messages. And many of these low-lifes have found help from what once would have been an unlikely source: hackers and virus writers.
By routing email through zombie computers, spammers avoid spending money on the bandwidth they'd need to send out millions of messages. Using zombies also allows them to hide the origins of their mail, making it more difficult for law enforcement officials to find them. Many times, these zombie networks are also used to launch DoS (denial-of-service) attacks.
Worms such as Bagel, Glieder and Sobig have been identified as containing malicious code, or malware, that allows remote attackers to take over infected machines. The Glieder worm, for example, directs an infected computer to a website to download the Mitglieder Trojan horse. Next, the program disables the PC's firewall and antivirus software and opens a back door, allowing the computer to be controlled remotely by hackers.
Once they have gained control over the PC, hackers can then use the system to send spam or instruct it to carry out a DoS attack.
You can reduce the risk of your PC being turned into a zombie by installing a personal firewall and antivirus software, and keeping your copy of Windows up-to-date. If you are concerned that a Trojan horse may have disabled your firewall or antivirus software, launch the programs and make sure they are still running.
Symptoms of a zombie PC include a suddenly sluggish broadband connection, excessive hard drive activity, an unresponsive mouse or keyboard, or bounce notifications in your inbox from people you never tried to contact. But these symptoms do not guarantee that your PC is a zombie.
If you fear your PC is a spam-spewing zombie, check to see whether your computer's IP address has made it onto an antispam blacklist.